Unrated severityNVD Advisory· Published Aug 11, 2020· Updated Aug 4, 2024

CVE-2020-10778

Description

In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violate the expected behavior.

Affected products

Chatwoot/Cloudformsv5
Range: 4.7 and 5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/cve-2020-10778mitrex_refsource_MISC
bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000